Intel's Software Guard Extensions (SGX) is a recent processor-based security technology that was introduced in the 6th Generation Intel Core processor (microarchitecture codename Skylake). It provides a trusted execution environment for software modules in the presence of malicious software, operating systems, hypervisors, and some hardware attacks. SGX enables developers to provide, with relative ease and flexibility, a high level of security for their applications. It has a promising role in realizing novel solutions for a wide range of security-critical applications.
In this talk I will describe the various components of SGX, explain what it can be used for, and what privacy and trust assumptions its security relies on. In the second part of the talk, I will discuss techniques that allow us to reduce these trust assumptions in various ways; for example, to allow code running on an SGX-capable platform to "prove" to an external verifier that it is running in a "secure enclave", even if an attacker has access to all the long-term secrets embedded in its hardware.
Alon Jackson, IDC Herzliya